Roles and responsibilities as Symantec Admin
Common issues and troubleshooting task of Symantec SEP client
1. If Risk has been identified and logged , you can trace the threat and submit to Symantec support else research further to get removal steps
2. If no threat found then Run SymHelp and Norton Power Eraser tool on Server and Workstation respectively.
3. This tool needs to be run with Threat scanning or load point analysis mode in order to identify boot level viruses, root kits etc. which antivirus unable to scan.
4. Boot level scanning with above tool required reboot and at the end it provided scan result of identified threats. You can remove threat by selecting the threat among
5. In case of attack, investigate whether attack happened from inbound or outbound. If inbound then block external public IP source to inside. If outbound then block inside any to external public (C2C) malicious server.
Important Note:
Hi Do you have some more detailed SOPs as well for the day to day operations ? Thanks